package com.zhangquancheng.shirodemo.config;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.zhangquancheng.shirodemo.entity.*;
import com.zhangquancheng.shirodemo.mapper.*;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;

/**
 * @Author: zhangquancheng
 * @Description:
 * @Date: 2022/7/14 1:36 下午
 */
public class UserRealm extends AuthorizingRealm {
    @Autowired
    TbUserRoleMapper tbUserRoleMapper;
    @Autowired
    TbRolePermissionMapper tbRolePermissionMapper;
    @Autowired
    TbUserMapper tbUserMapper;


    /**
     * @Description 授权 权限匹配
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("AuthorizationInfo -----------授权");
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        //拿到当前登录的这个对象
        Subject subject = SecurityUtils.getSubject();
        TbUser currentUsers = (TbUser) subject.getPrincipal();

        //获取角色
        QueryWrapper queryWrapper = new QueryWrapper<TbUserRole>();
        queryWrapper.select().eq("user_id",currentUsers.getId());
        List<TbUserRole> tbUserRoles = tbUserRoleMapper.selectList(queryWrapper);
        //获取权限
        queryWrapper = new QueryWrapper<TbRolePermission>();
        queryWrapper.select().in("role_id",tbUserRoles.stream().map(TbUserRole::getRoleId).collect(Collectors.toList()));
        List<TbRolePermission> tbRolePermissions = tbRolePermissionMapper.selectList(queryWrapper);

        //设置角色与权限
        info.setRoles(tbUserRoles.stream().map(i->i.getRoleName()).collect(Collectors.toSet()));
        info.setStringPermissions(tbRolePermissions.stream().map(i->i.getPermissionName()).collect(Collectors.toSet()));

        return info;
    }

    /**
     * @Description 认证 账号密码匹配(登陆)
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("AuthorizationInfo -----------认证");
        //用户名，密码，从数据库中取
        UsernamePasswordToken userToken = (UsernamePasswordToken) authenticationToken;
        QueryWrapper queryWrapper = new QueryWrapper<TbUser>();
        queryWrapper.select("id","password","username","salt").eq("username",userToken.getUsername());
        TbUser dbuser = tbUserMapper.selectOne(queryWrapper);
        //不存在这个用户
        if (Objects.isNull(dbuser)) {
            throw new UnknownAccountException("不存在用户");
//            return null;
        }
        //密码认证，shiro去做
        return new SimpleAuthenticationInfo(dbuser, dbuser.getPassword(), ByteSource.Util.bytes(dbuser.getSalt()),this.getName());
    }
}
